Advertisement
Advertisement
Apple
Get more with myNEWS
A personalised news feed of stories that matter to you
Learn more
A man holds his new iPhone 6 in front of an Apple store in Shanghai on Friday. Photo: AFP

New | Chinese iCloud user information targeted in cyberattacks amid Hong Kong protests

Apple

Chinese authorities appear to have expanded a large internet eavesdropping campaign this month to Apple services, targeting private users’ passwords, emails, photos and contacts, a censorship watchdog has said.

iCloud accounts in China were targeted in a so-called “man-in-the-middle” attack, in which hackers trick users into believing that they are accessing online services through an encrypted connection, GreatFire.org wrote in a blogpost on Monday. The attacker then gains unrestricted access to user accounts.

The attack appears to coincide with the release of Apple’s new iPhone 6 in China on Friday. Apple in Hong Kong and Beijing did not immediately reply to requests for comments on Monday.

GreatFire had earlier suggested that Chinese users of Google and Yahoo services had come under “man-in-the-middle” attacks. 

The blog post suggests that the most recent attack against iCloud services could be tied to Hong Kong’s pro-democracy demonstrations which have lasted more than three weeks. The protests also triggered the largest censorship effort so far this year on Chinese social media.

Netresec, a Swedish network security software developer, analysed the attack on Yahoo and found the attack originated in China.

In a blog post earlier this month, the company said that the primary purpose of the operation appeared not to be spying on users making random searches in China, but to “'kill' their connections to Yahoo when queries like ‘Umbrella Revolution’ and ‘Tiananmen Square Protests’ are observed”.

Charlie Smith, the co-founder of GreatFire.org, says there is little doubt that Chinese authorities were to blame for the latest attack on iCloud.

"We know that the attack point is the Chinese internet backbone and that it is nationwide, which would lead us to be 100 per cent sure that this is again the work of the Chinese authorities,” he said. “Only Chinese internet service providers] and the government have access to the backbone.”

Smith said the recent series of attacks could also reflect an attempt by Chinese authorities to adapt their surveillance methods as more online services move to encrypted connections. “We expect that there will be more [“man-in-the-middle”] attacks in the near future and that they will increase in severity."

Post